Content-Security-Policy | default-src https:;img-src 'self' data: *.typekit.net *.google-analytics.com *.ytimg.com *.dnb.no *.webtrendslive.com *.facebook.com s3-eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typography.com *.adform.net *.twitter.com *.typekit.net *.googleapis.com *.cloudflare.com *.google-analytics.com code.jquery.com *.facebook.net cdn.polyfill.io tags.tiqcdn.com s.webtrends.com statse.webtrendslive.com;style-src 'self' 'unsafe-inline' *.kortlappen.no *.typography.com *.typotheque.com *.googleapis.com; |